You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Until v0.17.0, SDK for global AWS services were working without issues when used with empty/no region. The issue was discovered when interacting with SDKs of the following AWS services:
Try calling IAM endpoint to list IAM Roles and configure no region. The request will fail, since the only accepted region value is aws-global.
The issue was discovered in Terraformer tool when upgrading from v0.17.0 to v0.18.0. Once an update was made, the following errors are seen when calling global services:
// When calling IAM SDK
UnknownEndpointError: could not resolve endpoint
partition: "aws", service: "iam", region: "", known: [aws-global]
// When calling route53 SDK
UnknownEndpointError: could not resolve endpoint
partition: "aws", service: "route53", region: "", known: [aws-global]
Thanks for reaching out @meshuga. The behavior you're experiencing is the intended behavior of the SDK. The SDK was incorrectly not checking for a valid region when resolving the endpoint for a service in some cases. The SDK's behavior to allow empty region to resolve to a endpoint was not intended.
Using aws-global is the best way to provide the correct region for endpoint resolving. A reason for this change also is that services like IAM also have global endpoints in other partitions such as AWS China (aws-cn-global) and AWS GovCloud (US) (aws-us-gov-global).
The aws-global region identifier is valid for a subset of the AWS services, and should be supported by the other AWS SDKs as well.
The v1 aws-sdk-go did not force this change in order to maintain backwards compatibility since the bug has been present in that version of the SDK for a very long time.
Version of AWS SDK for Go?
v0.19.0
v0.18.0
Version of Go (
go version
)?1.13.5
What issue did you see?
Until v0.17.0, SDK for global AWS services were working without issues when used with empty/no region. The issue was discovered when interacting with SDKs of the following AWS services:
It is assumed the issue can be seen when interacting with all SDKs of AWS services with only
aws-global
region described in https://github.com/aws/aws-sdk-go-v2/blob/master/models/endpoints/endpoints.json.Steps to reproduce
Try calling IAM endpoint to list IAM Roles and configure no region. The request will fail, since the only accepted region value is
aws-global
.The issue was discovered in Terraformer tool when upgrading from v0.17.0 to v0.18.0. Once an update was made, the following errors are seen when calling global services:
The error is described in GoogleCloudPlatform/terraformer#385.
Related PR in SDK Go V2: #420
The text was updated successfully, but these errors were encountered: